New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
plugin/kubernetes: Wildcard SRV records for endpoints peculiarity #2029
Comments
IMO, we should allow the 3 NXDOMAIN examples above to work. |
[ Quoting <notifications@github.com> in "[coredns/coredns] plugin/kubernetes..." ]
When `myservice` is a non-headless service, the following SRV query to all it's endpoints works:
`dig -t SRV *.myservice.default.svc.cluster.local.`
It returns a list of SRV records for all endpoints in the service. e.g.
```
;; ANSWER SECTION:
*.myservice.default.cluster.local. 5 IN SRV 0 50 443 172-17-0-253.myservice.default.cluster.local.
*.myservice.default.svc.cluster.local. 5 IN SRV 0 50 80 172-17-0-253.myservice.default.cluster.local.
;; ADDITIONAL SECTION:
172-17-0-253.myservice.default.cluster.local 5 IN A 172.17.0.253
```
But all the following return `NXDOMAIN`:
`dig -t SRV *.*.*.myservice.default.svc.cluster.local.`
(which you'd expect the same result as above)
Why? this has more labels than k8s supports.
`dig -t SRV _http._tcp.*.myservice.default.svc.cluster.local.`
(specifying the port and protocol fields)
`dig -t SRV _http._tcp.172-17-0-253.myservice.default.svc.cluster.local.`
(with no wildcards used)
Wild card queries are not part of the k8s dns spec, and neither are SRV queries for endpoints (only headless and non-headless services are defined). So hard to say if this is a bug or not. But the behavior is certainly inconsistent.
What is the inconsistency?
|
K8s actually does support this many labels. It's an
The inconsistency is that we allow SRV requests of endpoint in one form, but not others. |
hello, regarding to SRV query record like that: coredns doesn't create this kind of SRV record [in some reason], but Haproxy and nginx build SRV query exactly like this. Example: https://www.haproxy.com/blog/dns-service-discovery-haproxy In docs of coredns I see that it should create this type of SRV, but it simply doesn't. Instead of this coredns create SRV records like this: So I'm unable to use Haproxy or Nginx for dns load balancing. |
You need to name the port in your service spec:
|
When
myservice
is a non-headless service, the following SRV query to all it's endpoints works:dig -t SRV *.myservice.default.svc.cluster.local.
It returns a list of SRV records for all endpoints in the service. e.g.
But all the following return
NXDOMAIN
:dig -t SRV *.*.*.myservice.default.svc.cluster.local.
(which you'd expect the same result as above)
dig -t SRV _http._tcp.*.myservice.default.svc.cluster.local.
(specifying the port and protocol fields)
dig -t SRV _http._tcp.172-17-0-253.myservice.default.svc.cluster.local.
(with no wildcards used)
Wild card queries are not part of the k8s dns spec, and neither are SRV queries for endpoints (only headless and non-headless services are defined). So hard to say if this is a bug or not. But the current behavior is certainly inconsistent with itself.
The text was updated successfully, but these errors were encountered: